Development of a framework to extend access control models with semantic layers in IoT

With the rapid advancement of digital technologies and sophisticated analytical tools and techniques, data has become an indispensable asset for individuals, organizations, and others, providing valuable insights that improve production and business operations and drive innovation. However, in many domains, approaches to ensuring data and communication security remain diverse and domain-specific.

Access control, one of the crucial security mechanisms in the Internet of Things (IoT), is responsible for ensuring that only authorized parties can participate in communication and access systems, resources, services, etc. It therefore reduces the risks associated with unauthorized data usage and misuse. However, various access control models exhibit limitations in practical implementation: they are complex for resource owners to manage and maintain, and for resource servers to understand without domain- and access-control-related knowledge, especially in cross-domain applications or resource-constrained systems.

One novel approach to addressing this problem is to establish semantic layers that describe various access control models. Ongoing research in this direction includes OAC (Open Digital Rights Language Profile for Access Control) [1] and WAC (Web Access Control) for Access Control Lists (ACL) [2]. Nevertheless, practical implementation remains complex, since existing access control models must be expressed in a suitable language, and the meaning of permissions and actions is not covered either.

This work aims to achieve semantic interoperability for structured access control data. The proposed approach is to conceptualize and implement a framework that extends existing access control models and the information they encompass (such as actions and permissions) with semantic layers, using suitable expression languages and domain-independent (or domain-dependent) vocabularies and ontologies.

Concrete work packages comprise:

  • Familiarization with Access Control and the Internet of Things
  • Literature research on concepts for access control and semantics
  • Choosing a suitable language to express access control models
  • Development of a concept for the above-mentioned framework to integrate semantic layers into structured access control models
  • Prototypical implementation of the developed concept
  • Demonstration and validation using forest-based use cases
  • Written elaboration and presentation

Supervisor: Chen

[1]: https://protect.oeg.fi.upm.es/odrl-access-control-profile/oac.html

[2]: https://www.w3.org/wiki/WebAccessControl